Legislation that would require telephone companies and Internet service providers to save information about customers' communications is set to proceed despite being rejected by the European Parliament.

The legislation's draft proposal was introduced jointly by France, Ireland, Sweden and the United Kingdom to aid law enforcement in combating terrorist acts. It will require phone companies and ISPs to retain for 12 to 36 months customer data such as the time, date and location of sent and received e-mails and phone calls. The content of the communications, however, will not be retained.

The European Parliament on Tuesday rejected the proposal, partly on grounds it could be illegal.

"There are sizable doubts on the choice of the legal basis and the proportionality of the measures. It is also possible that the proposal contravenes Article 8 of the European Convention on Human Rights," the report from the parliamentary committee on Civil Liberties, Justice and Home Affairs says.

The committee also criticized the proposal because the data would be difficult to analyze and criminals could find a way around it.

"Given the volume of data to be retained, particularly Internet data, it is unlikely that an appropriate analysis of the data will be at all possible," the report says. "Individuals involved in organized crime and terrorism will easily find a way to prevent their data being traced."

The amount of data collected would be 20,000 to 40,000 terabytes or "equivalent to 10 stacks of files each reaching from Earth to the moon," the report said, and the cost to each affected company would be 180 million pounds per year.

In spite of this rejection, though, Luxembourg minister Nicolas Schmit said Tuesday that the Council of Ministers will stand by the proposal, which has now been referred back to the parliamentary civil liberties committee.

The European Commission is also getting involved. It has said it will introduce a new proposal for communications-data retention with a different legal basis by the summer.

Regardless of the European legislation, in the U.K. communication service providers already retain data on customers' phone calls, e-mails and Web behavior for one year, thanks to the Regulation of Investigatory Powers Act.